[dovecot-cvs] dovecot/src/auth auth-request-handler.c, 1.12.2.4, 1.12.2.5

tss at dovecot.org tss at dovecot.org
Sun Nov 5 16:12:15 UTC 2006


Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv25356

Modified Files:
      Tag: branch_1_0
	auth-request-handler.c 
Log Message:
Don't send "pass" back if it's already set, or if it's not known.



Index: auth-request-handler.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-request-handler.c,v
retrieving revision 1.12.2.4
retrieving revision 1.12.2.5
diff -u -d -r1.12.2.4 -r1.12.2.5
--- auth-request-handler.c	4 Nov 2006 11:22:15 -0000	1.12.2.4
+++ auth-request-handler.c	5 Nov 2006 16:12:13 -0000	1.12.2.5
@@ -111,6 +111,7 @@
 	string_t *str;
 	const char **fields, *extra_fields;
 	unsigned int src, dest;
+	bool seen_pass = FALSE;
 
 	extra_fields = request->extra_fields == NULL ? NULL :
 		auth_stream_reply_export(request->extra_fields);
@@ -125,20 +126,23 @@
 	}
 
 	str = t_str_new(128);
-	if (request->proxy) {
-		/* we're proxying - send back the password that was
-		   sent by user (not the password in passdb). */
-		str_printfa(str, "pass=%s", request->mech_password);
-	}
-
 	fields = t_strsplit(extra_fields, "\t");
 	for (src = dest = 0; fields[src] != NULL; src++) {
 		if (strncmp(fields[src], "userdb_", 7) != 0) {
 			if (str_len(str) > 0)
 				str_append_c(str, '\t');
+			if (!seen_pass && strncmp(fields[src], "pass=", 5) == 0)
+				seen_pass = TRUE;
 			str_append(str, fields[src]);
 		}
 	}
+
+	if (request->proxy && !seen_pass && request->mech_password != NULL) {
+		/* we're proxying - send back the password that was
+		   sent by user (not the password in passdb). */
+		str_printfa(str, "pass=%s", request->mech_password);
+	}
+
 	return str_len(str) == 0 ? NULL : str_c(str);
 }
 



More information about the dovecot-cvs mailing list